Authority information verifying method, display apparatus and authority information verifying system using the same

ABSTRACT

A method for verifying authority information to determine whether content are created according to the authority assigned to each content provider (CP), and a display apparatus and an authority information verifying system using the same are provided. The method includes transmitting an application created using a program and displaying the application or authority information based on the authority information included with the application. Accordingly, it may be possible to easily check whether received content is created by an authorized CP, and to ensure that only an authorized application programming interface (API) is operated based on the authority information so that unauthorized content can be prevented from being created using an unauthorized API.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority from Korean Patent Application No.10-2009-90546, filed on Sep. 24, 2009, in the Korean IntellectualProperty Office, the disclosure of which is incorporated herein byreference in its entirety.

BACKGROUND OF THE INVENTION

1. Field of the Invention

Methods and apparatuses consistent with the present invention relate toverifying authority information, and more particularly, to verifyingauthority information to determine whether content are created accordingto the authority assigned to a content provider (CP).

2. Description of the Related Art

Recently, as multimedia devices become widespread, the number and typeof content used in the multimedia devices is increasing geometrically.Also, thanks to the increase in the number of types of content, a usercan select from a diversity of types of content.

However, along with such a positive effect of providing diverse types ofcontent, there is a negative effect of increasing the number ofundesirable content and causing damage to a system. Therefore, there isa need to screen such undesirable content.

In particular, in the case that a content provider, (CP) which createsthe content, and a television (TV) (i.e., content display), whichprovides the content to the user, are separately provided, if thecontent created by the CP is not properly authenticated, the TV mayallow the displaying of content which is undesirable and/orunauthorized.

Therefore, there is a need for a method for authenticating the qualityof diverse content created by the CP more easily and rapidly.

SUMMARY OF THE INVENTION

Exemplary embodiments of the present invention overcome the abovedisadvantages and other disadvantages not described above. Also, thepresent invention is not required to overcome the disadvantagesdescribed above, and an exemplary embodiment of the present inventionmay not overcome any of the problems described above.

An aspect of the present invention provides a method for verifyingauthority information to select and display content provided by anauthorized content provider (CP), a display apparatus and an authorityinformation verifying system using the same.

According to an aspect of the present invention, a method for verifyingauthority information includes: transmitting, by a first device whichreceives a program and authority information for the program, anapplication created using the program to a second device, wherein theauthority information is included with the transmitted application; anddisplaying, by the second device, one of the application and theauthority information, based on the authority information included withthe application received from the first device.

Different authority information may be set for each device for using theprogram, wherein the second device sets first authority information forthe first device and transmits the first authority information to thefirst device, and if the authority information included with theapplication is not the first authority information, the second devicedoes not display the application.

Different authority information may be set for each device for using theprogram, wherein the second device sets first authority information forthe first device and transmits the first authority information to thefirst device, and displays the authority information included with theapplication.

Based on the authority information included with the application, thesecond device may determine whether an unauthorized applicationprogramming interface (API) is used to create the application, and ifthe unauthorized API is used, the second device does not display theapplication.

Based on the authority information included with the application, thesecond device may identify an authorized application programminginterface (API) and controls the authorized API to display theapplication.

The program may be operable to create a widget and the application is awidget, wherein the displaying operation displays information regardingauthority and type of the widget by including the information in thewidget.

The program may be operable to create a widget, and the application is awidget, wherein the displaying includes displaying a first widgetcreated by the first device differently from one of a second widgetcreated by the second device and a separate widget created by a separatedevice.

The application may be packed, and the authority information may beautomatically included with the application when the application ispacke.

The authority information may be assigned to each entity which uses theprogram.

The authority information may be encrypted and transmitted from thesecond device to the first device and transmitted from the first deviceto the second device, wherein the second device decrypts the encryptedauthority information.

The first device may create the application using the program, whereinthe second device may be operable to display the application created bythe first device or a separate application created by a separate device.

According to another aspect of the present invention, a displayapparatus may include: an interface which receives an applicationcreated by a device, wherein the device receives a program and authorityinformation for the program and uses the program to create theapplication, and wherein the authority information is included with thereceived application; and a controller which displays one of thereceived application and the received authority information based on thereceived authority information included with the received application.

Different authority information may be set for each device for using theprogram, wherein the controller sets first authority information for afirst device and transmits the first authority information to the firstdevice, and if the received authority information included with thereceived application is not the first authority information for thefirst device, the controller does not display the received application.

Different authority information may be set for each device for using theprogram, wherein the controller sets the authority information for thedevice and transmits the authority information to the device, anddisplays the received authority information.

The controller may determine whether an unauthorized API is used tocreate the received application, based on the authority informationincluded with the received application, and if the unauthorized API isused, the controller does not display the received application.

The controller may identify an authorized API used to create thereceived application, based on the received authority informationincluded with the received application, and only operates the authorizedAPI to display the received application.

The program may be operable to create a widget, and the application is awidget, wherein the controller displays information regarding authorityand type of the widget.

The program may be operable to create a widget, and the application is awidget, wherein the controller displays the widget created by thedevice, differently from a widget created by one of the displayapparatus and a separate device.

The authority information may be automatically included with theapplication when the application created using the program is packed.

Different authority information may be assigned to each entity whichuses the program.

The authority information may be encrypted and received through theinterface, wherein the controller decrypts the received encryptedauthority information.

According to still another aspect of the present invention, an authorityinformation verifying system may include: a first device which receivesa program and authority information for the program, and transmits anapplication which is created using the program; and a second devicewhich displays the application based on authority information which isincluded with the application received from the first device.

According to still another aspect of the present invention, a computerreadable recording medium having recorded thereon a program executing amethod, of the method which may include: creating content; packing thecontent and including authority information for the content; receivingthe packed content including the authority information; and displayingone of the received content and the received authority information,based on the received authority information included with the receivedcontent.

Additional aspects of the present invention will be set forth in thedetailed description, will be obvious from the detailed description, ormay be learned by practicing the invention.

BRIEF DESCRIPTION OF THE DRAWING FIGURES

The above and/or other aspects of the present invention will be moreapparent by describing in detail exemplary embodiments thereof, withreference to the accompanying drawings in which:

FIG. 1 is a view illustrating an authority information verifying systemaccording to an exemplary embodiment of the present invention;

FIG. 2 is a flowchart illustrating a method for verifying authorityinformation according to an exemplary embodiment of the presentinvention;

FIG. 3 is a flowchart illustrating a method for displaying a widgetaccording to an exemplary embodiment of the present invention;

FIG. 4 is a view illustrating a screen on which a user widget isdisplayed according to an exemplary embodiment of the present invention;and

FIG. 5 is a block diagram illustrating a television (TV) according to anexemplary embodiment of the present invention.

DETAILED DESCRIPTION OF THE EXEMPLARY EMBODIMENTS

Hereinafter, the present invention will be described in greater detailwith reference to the accompanying drawings, in which exemplaryembodiments are shown.

In the following description, same reference numerals are used for thesame elements when they are depicted in different drawings. The mattersdefined in the description, such as detailed construction and elements,are merely provided to assist in a comprehensive understanding of theinvention. However, the exemplary embodiments of the present inventioncan be carried out without those specifically defined matters. Also,functions or elements known in the related art are not described indetail since they could obscure the invention with unnecessary detail.

FIG. 1 is a view illustrating an authority information verifying systemaccording to an exemplary embodiment of the present invention. Theauthority information verifying system according to an exemplaryembodiment of the present invention is established with separateentities, one for manufacturing/creating a widget, and the other forproviding the manufactured/created widget to a user.

In this exemplary embodiment, the authority information verifying systemincludes a TV 100 to display a widget and a content provider (CP)1 10and a CP2 20 to create the widget.

The TV 100 is a display apparatus which displays a widget and providesthe widget to a user. However, it can be understood that the TV 100 maybe an entity that produces/manufactures such a display apparatus. The TV100 transmits a program for the creating of the widget to be displayedon the display apparatus (hereinafter, collectively referred to as“software development kit” (SDK)) to the CP1 10 and the CP2 20.

The CP may be an enterprise which specializes in creating content, butas used herein, the term “CP” encompasses all entities that can createcontent. That is, the CP may also be an unspecialized enterprise or anindividual.

As shown in FIG. 1. the TV 100 transmits the SDK to the CP1 10 and theCP2 20 along with authority information assigned to each CP. That is,the SDK is transmitted to the CP1 10 along with authority information 1and to the CP2 20 along with authority information 2. In particular, theauthority information 1, 2 are assigned to respective CPs and encryptedso as not to be intentionally changed by each CP.

Herein, the SDK transmitted to the CP1 10 by the TV 100 may not be thesame as the SDK transmitted to the CP2 20. The TV 100 may transmitdifferent SDKs to the CPs in order to restrict the capability of each CPto develop a widget. For example, the TV 100 transmits to the CP1 10 aSDK to develop a widget about stocks and to the CP2 20 a SDK to developa widget about weather. Different SDKs may be transmitted according tothe type of a widget as described above, and also, different SDKs may betransmitted to different CPs according to the factors for representingwidgets, the widgets' capacities, the widgets' sizes, and the widgets'purposes.

Table 1 is provided to explain authority information assigned to each CPand encrypted. As shown in Table 1, if authority information 08 and 04are assigned to the CPs respectively, the authority information 08 and04 are encrypted as 0*1234567890123456 and 0*0987654321098765, includedin the SDKs, and transmitted. In this embodiment, the encryption isperformed using AES128, but may be performed in any other method.

TABLE 1 Original Authority Information Encrypted Authority InformationCP1: 08 0*1234567890123456 CP2: 04 0*0987654321098765

If the encrypted authority information are included in the SDKs andtransmitted to the CP1 10 and the CP2 20, the CP1 10 and the CP2 20develop/create widgets using the transmitted SDKs. In particular, sincethe CP1 10 and the CP2 20 receive the authority information which isencrypted and included in the SDK, the CP1 10 and the CP2 20 have nodiscretion to modify/change the authority information.

When completing the development/creation of the widgets, the CP1 10 andthe CP2 20 pack the developed widgets. The packed widget includes theencrypted authority information. That is, the CP1 10 packs the createdwidget along with the encrypted authority information 1 and transmitsthem to the TV 100, and the CP2 20 packs the created widget along withthe encrypted authority information 2 and transmits them to the TV 100.

The TV 100 decrypts the authority information 1, 2 received from the CP110 and the CP2 20, and analyzes the authority information to knowwhether or not an authorized CP creates the widget with an authorizedright.

Table 2 is provided to explain the authority information encrypted foreach CP and the decrypted authority information. As shown in Table 2, ifthe authority information which has been encrypted as 0*1234567890123456and 0*0987654321098765 for respective CPs are received, the TV 100decrypts the encrypted authority information as authority information 08and 04, and based on the decrypted authority information, the TV 100knows that each widget is created and transmitted with an authorizedright for the CP1 10 and the CP2 20.

TABLE 2 Encrypted Authority Decrypted Authority Information Information(Original Authority Information) 0*1234567890123456 08: CP10*0987654321098765 04: CP2

In order to allow the TV 100 to know whether the widget is created withan authorized right or not, the display apparatus may display thedecrypted authority information on a screen. Accordingly, the TV 100 canpromptly know whether the widget is created with an authorized right ornot and also does not display a widget that is created without anauthorized right.

Also, the TV 100 can know whether a widget is created using anauthorized application programming interface (API) or not based on theauthority information, and if a widget is created using an unauthorizedAPI, the TV 100 does not display the widget created using theunauthorized API or does not all the widgets.

As described above, through a first detect process of displayingdecrypted authority information on the screen and a second detectprocess of determining whether to display a widget according to whetherthe API is authorized or not, it can be easily checked whether thewidget is created by an authorized CP or not and a widget is preventedfrom being created using an unauthorized API.

It should be noted that while FIG. 1 shows the TV 100 transmitting theSDK to CP1 10 and CP2 20, the present invention is not limited to thisexemplary embodiment. Alternatively, the SDK may be transmitted to a CPfrom another server.

FIG. 2 is a flowchart illustrating a method for verifying authorityinformation according to an exemplary embodiment of the presentinvention.

In FIG. 2, a process of verifying authority information between the TV100 and the CP1 10 will be explained by way of an example.

In this exemplary embodiment, the TV 100 generates authority informationfor each CP (S210). That is, the TV 100 generates authority informationin order for the CP1 10 to create a widget (S210), and encrypts thegenerated authority information and includes it in the SDK (S220). Also,the TV 100 transmits the SDK, including the authority information, tothe CP1 10 (S230).

The CP1 10 develops a widget using the received SDK (S240) and packs thedeveloped widget (S250). At this time, the authority information isimplanted into (i.e., included with) the widget and packed along withthe widget (S250). If the packed widget and authority information isreleased to the TV 100 (S260), the TV 100 decrypts the authorityinformation and displays it on the screen for the user (S270).

The user can know whether or not the widget is created by anunauthorized CP based on the decrypted authority information. Therefore,if a command to remove the widget is input from the user (S280-Y), theTV 100 removes the widget (S300) so that the widget is not displayed onthe screen.

On the other hand, if a command to remove the widget is not input by theuser based on the decrypted authority information (S280-N), the TV 100determines whether an authorized API is used or not during themanufacturing/creating operation of the widget based on the authorityinformation (S290).

If only the authorized API is used (S310-Y), the TV 100 displays thewidget on the screen (S330), and if an unauthorized API is used(S310-N), the TV 100 allows only the authorized API to operate todisplay the widget (S320). However, if it is determined that theunauthorized API is used (S310-N), the TV 100 may operate not to displaythe widget.

Accordingly, it can be easily checked whether the widget is created bythe authorized CP or not and only the authorized API is operated basedon the authority information, so that a widget can be prevented frombeing created using an unauthorized API.

Hereinafter, a process of displaying a widget will be described indetail with reference to FIG. 3.

FIG. 3 is a flowchart illustrating a method for displaying a widgetaccording to an exemplary embodiment of the present invention.

As shown in FIG. 3, if a user logs in (S340), a user widget is updatedand displayed on the TV 100 (S350). Herein, the “user widget” refers toa widget which is created by the CP as described above. For theconvenience of explanation, the widget created by the CP is referred toas a “user widget” and the widget directly manufactured or created bythe TV 100 is referred to as a “general widget”.

When displaying the updated user widget, the TV 100 displays the generalwidget on the screen. In this case, there is a problem that a usercannot discriminate between the general widget and the user widget.

Therefore, the TV 100 displays the user widget along with informationabout the authority and the type of the user widget so that the userwidget can be discriminated from the general widget (S360).

That is, the user can identify the user widget more easily and simplyand accordingly the development of the user widget can be promoted.

FIG. 4 is a view illustrating a screen on which the user widget isdisplayed. In FIG. 4, for the convenience of explanation, a view beforelogin, a login view, and a view after login are displayed on one screenscreen.

If a user widget is received from the CP1 10, the user widget isdisplayed on the screen of the TV 100 without being discriminated from ageneral widget. After that, if a user is verified by logging in, theuser widget is displayed discriminately (i.e., differently) from thegeneral widget.

In FIG. 4, in order to discriminate the user widget from the generalwidget, a highlight 410 indicating that information is containedtherein, and a highlight 420 identifying the user widget, overlap theuser widget. Of course, the view of FIG. 4 is merely an example for theconvenience of explanation and any information on the widget includingthe authority information of the widget and the type of the widget canbe regarded as being within the scope of the present invention.

As described above with regard to the exemplary embodiment depicted inFIG. 4, the user widget is displayed discriminately (i.e., differently)from the general widget so that the user might easily identify whichwidget is the user widget.

FIG. 5 is a block diagram illustrating the TV 100 described above.

As shown in FIG. 5, the TV 100 includes a broadcast receiver 110, abroadcast processor 120, a broadcast output unit 130, an interface 140,a controller 150, a storage unit 160, and a user input unit 170.

The broadcast receiver tunes and demodulates one of the broadcasts whichare received in a wired or wireless manner (e.g., through the air, cableor network).

The broadcast processor 120 signal-processes broadcast signals outputfrom the broadcast receiver 110. More specifically, the broadcastprocessor 120 divides the broadcast signals output from the broadcastreceiver 110 into audio signals, video signals, and additional data, anddecodes the audio signals divided from the broadcast signals, andconverts the decoded audio signals into audio signals of a format whichcan be output through a speaker provided on the TV 100.

Also, the broadcast processor 120 decodes the video signals divided fromthe broadcast signals, and converts the decoded video signals into videosignals of a format which can be output through a display provided onthe TV 100. To accomplish this, the broadcast processor 120 performscolor signal processing and scaling with respect to the decoded videosignals.

Also, the broadcast processor 120 creates a widget to be displayed onthe display under the control of the controller 150. Herein, the widgetincludes a general widget created by the TV 100 and a user widgetreceived from a CP through the interface 140, which will be described indetail below.

The broadcast output unit 130 outputs a video and an audio correspondingto the video signals and the audio signals output from the broadcastprocessor 120 and provides them to the user.

In this exemplary embodiment, the interface 140 serves as a passage totransmit a SDK to the CP and receive a widget from the CP. Accordingly,the user widget received from the CP through the interface 140 isprocessed by the broadcast processor 120, under the control of thecontroller 150, and is displayed on the screen along with the generalwidget.

The storage unit 160 stores information regarding the broadcast programreceived by the broadcast receiver 110, authority information for eachCP, and a program for operating the TV 100. The storage unit 160 may berealized as a hard disk or a non-volatile memory.

The user input unit 170 transmits a user command which is input througha remote controller (not shown) or a manipulation button (not shown)provided on a front panel of the TV 100 to the controller 150.

The controller 150 controls the overall operation of the TV 100according to the user command transmitted from the user input unit 170.

Although the method for the TV 100 to assign authority to the CP isdescribed above, this is merely an example. For example, the technicalidea of the present invention can be applied to the situations in whicha user using the TV 100 assigns authority to the CP by transmitting aSDK including authority information using a storage medium.

Although the authority to create a widget is assigned, the technicalidea of the present invention can be applied to the situations in whichthe authority to create other items or content may be assigned.

Also, although the TV 100 is explained as an example of an enterpriseassigning authority, this is merely an example. Any display apparatusthat can display items or content such as widgets can be regarded asbeing within the technical scope of the present invention.

According to an aspect of the present invention, it may be possible toeasily determine whether content are created by an authorized CP, andonly an authorized API is operated based on the authority information sothat particular types of content can be prevented from being generatedusing an unauthorized API.

The foregoing exemplary embodiments are merely exemplary and are not tobe construed as limiting the present invention. The present teaching canbe readily applied to other types of apparatuses. Also, the descriptionof the exemplary embodiments of the present invention is intended to beillustrative, and not to limit the scope of the claims, and manyalternatives, modifications, and variations will be apparent to thoseskilled in the art.

1. A method for verifying authority information, the method comprising:transmitting, by a first device which receives a program and authorityinformation for the program, an application created using the program toa second device, wherein the authority information is included with thetransmitted application; and displaying, by the second device, one ofthe application and the authority information, based on the authorityinformation included with the application received from the firstdevice.
 2. The method as claimed in claim 1, wherein different authorityinformation is set for each device for using the program, wherein thesecond device sets first authority information for the first device andtransmits the first authority information to the first device, and ifthe authority information included with the application is not the firstauthority information, the second device does not display theapplication.
 3. The method as claimed in claim 1, wherein differentauthority information is set for each device for using the program,wherein the second device sets first authority information for the firstdevice and transmits the first authority information to the firstdevice, and displays the authority information included with theapplication.
 4. The method as claimed in claim 1, wherein, based on theauthority information included with the application, the second devicedetermines whether an unauthorized application programming interface(API) is used to create the application, and if the unauthorized API isused, the second device does not display the application.
 5. The methodas claimed in claim 1, wherein, based on the authority informationincluded with the application, the second device identifies anauthorized application programming interface (API) and controls theauthorized API to display the application.
 6. The method as claimed inclaim 1, wherein the program is operable to create a widget and theapplication is a widget, wherein the displaying operation displaysinformation regarding authority and type of the widget by including theinformation in the widget.
 7. The method as claimed in claim 1, whereinthe program is operable to create a widget, and the application is awidget, wherein the displaying includes displaying a first widgetcreated by the first device differently from one of a second widgetcreated by the second device and a separate widget created by a separatedevice.
 8. The method as claimed in claim 1, wherein the application ispacked, and the authority information is automatically included with theapplication when the application is packed.
 9. The method as claimed inclaim 1, wherein the authority information is assigned to each entitywhich uses the program.
 10. The method as claimed in claim 1, whereinthe authority information is encrypted and transmitted from the seconddevice to the first device and transmitted from the first device to thesecond device, wherein the second device decrypts the encryptedauthority information.
 11. The method as claimed in claim 1, wherein thefirst device creates the application using the program, wherein thesecond device is operable to display the application created by thefirst device or a separate application created by a separate device. 12.A display apparatus comprising: an interface which receives anapplication created by a device, wherein the device receives a programand authority information for the program and uses the program to createthe application, and wherein the authority information is included withthe received application; and a controller which displays one of thereceived application and the received authority information based on thereceived authority information included with the received application.13. The display apparatus as claimed in claim 12, wherein differentauthority information is set for each device for using the program,wherein the controller sets first authority information for a firstdevice and transmits the first authority information to the firstdevice, and if the received authority information included with thereceived application is not the first authority information for thefirst device, the controller does not display the received application.14. The display apparatus as claimed in claim 12, wherein differentauthority information is set for each device for using the program,wherein the controller sets the authority information for the device andtransmits the authority information to the device, and displays thereceived authority information.
 15. The display apparatus as claimed inclaim 12, wherein the controller determines whether an unauthorized APIis used to create the received application, based on the authorityinformation included with the received application, and if theunauthorized API is used, the controller does not display the receivedapplication.
 16. The display apparatus as claimed in claim 12, whereinthe controller identifies an authorized API used to create the receivedapplication, based on the received authority information included withthe received application, and only operates the authorized API todisplay the received application.
 17. The display apparatus as claimedin claim 12, wherein the program is operable to create a widget, and theapplication is a widget, wherein the controller displays informationregarding authority and type of the widget.
 18. The display apparatus asclaimed in claim 12, wherein the program is operable to create a widget,and the application is a widget, wherein the controller displays thewidget created by the device, differently from a widget created by oneof the display apparatus and a separate device.
 19. The displayapparatus as claimed in claim 12, wherein the authority information isautomatically included with the application when the application createdusing the program is packed.
 20. The display apparatus as claimed inclaim 12, wherein different authority information is assigned to eachentity which uses the program.
 21. The display apparatus as claimed inclaim 12, wherein the authority information is encrypted and receivedthrough the interface, wherein the controller decrypts the receivedencrypted authority information.
 22. An authority information verifyingsystem, comprising: a first device which receives a program andauthority information for the program, and transmits an applicationwhich is created using the program; and a second device which displaysthe application based on authority information which is included withthe application received from the first device.
 23. A computer readablerecording medium having recorded thereon a program executing a method,of the method comprising: creating content; packing the content andincluding authority information for the content; receiving the packedcontent including the authority information; and displaying one of thereceived content and the received authority information, based on thereceived authority information included with the received content.